Why a nexus of regulatory requirements may take IT by surprise

Why a nexus of regulatory requirements may take IT by surprise

Editor's note: This is part 2 of a four-part series covering the state of sustainable supply-chain management in the IT sector. Read part 1 focused on product takeback and e-waste recycling here.

My previous post Product takeback and e-waste recycling: A growing business opportunity discussed best-in-class solutions to the challenge posed by state-level legislation mandating e-waste recycling. To recap, Malk Sustainability Partners (MSP), a specialty management consultancy that guides businesses in developing profitable corporate sustainability strategies, engaged 29 global IT companies and five industry experts to investigate the key drivers, important issues, and popular strategies behind the sector’s adoption of sustainable supply-chain management (SSCM). MSP then synthesized this information into a study describing the state of SSCM in IT, available for download here.

This post will discuss key drivers of SSCM strategies identified by interview respondents.

Sustainability and supply chain managers at IT companies identified four drivers of SSCM strategies as primary to their companies’ efforts at similar frequencies:

Stakeholder interest – 34 percent

Leadership – 24 percent

Risk and cost management – 31 percent

Regulatory pressure and compliance – 31 percent

Managers who identified stakeholder interest as a primary driver of SSCM strategies typically referred to stakeholders as customers and investors. Customers, listed as government, enterprise buyers, individual consumers, universities, original equipment manufacturers, and retailers, communicate interest in corporate sustainability up the supply chain through self-assessment questionnaires and supplier codes of conduct. Public sector customers were reported as adding sustainability requirements to their procurement decisions by referencing standards such as the Electronics Product Environmental Assessment Tool (EPEAT) registry. Apple’s recent decision to remove and then subsequently re-list their products in the EPEAT registry demonstrates the power green labels can exert when coupled with increasing stakeholder interest in corporate sustainability.

The 24 percent of respondents who cited leadership as a primary driver of their companies’ SSCM strategies highlighted pressure to implement originated from internal interest and industry forums. Respondents indicated internal interest in SSCM strategies originates from bottom up or top down initiatives. Bottom up efforts were characterized as struggling to maintain a consistent budget due to limited "buy-in" from top level management, but top down efforts were mentioned as lacking the "on-the-ground" understanding of functional silos required to implement a successful SSCM strategy. Industry forums, like the EICC and GeSI, were highlighted as both a driver and valuable tool for SSCM. Companies are driven to participate to remain competitive on sustainability issues because these forums provide a compass to navigate diverging regulatory standards across regions, tools to implement SSCM initiatives, and platforms to showcase accomplishments.

Respondents who referenced cost management as a primary driver of their companies’ SSCM strategies identified reductions in operating, product delivery, and compliance costs. Specifically, SSCM strategies that focus on green purchasing policies improve the efficiency of internal production processes; often through decreased use of energy, water, and other production inputs. Likewise, SSCM strategies that partner with vendors to reduce packaging in product shipments improve cost competitiveness. In 2006, for instance, Nokia reduced the packaging for its phones by over 50 percent. By the end of 2007, this SSCM-improvement translated into financial savings of over $130 million. Finally, certain IT companies reported having developed life-cycle assessment (LCA) tools to leverage concern for compliance risk and drive new business.

Respondents who referenced risk management highlighted NGO efforts, like those of Greenpeace and the Enough Project, as compounding the risk associated with unsustainable business operations being discovered and driving corporate action in SSCM.

The 31 percent of respondents who reported regulatory pressure and compliance as a primary driver of their companies’ SSCM strategies focused heavily on three regulations: the California Transparency in Supply Chains Act, the Sarbanes-Oxley Act (SOX), and Section 1502 of the Dodd-Frank Act. The first is a state-level regulation that requires companies that earn a minimum of $100 million of revenue in California to audit suppliers, certify that there is no form of human trafficking or compulsory labor present in their supply chains, and disclose this information to the public. The second, as a response to the Enron scandal, requires C-suite executives to verify all information submitted to the SEC is factual and accurate. The third requires companies to report to the SEC whether or not their supply chains use minerals sourced from conflict regions in or around the Democratic Republic of Congo.

While the California Transparency in Supply Chains Act and Section 1502 of the Dodd-Frank Act are clearly connected to SSCM, I found it surprising that respondents mentioned SOX as a regulatory driver of SSCM strategies in IT companies. A deeper look revealed an interesting nexus between Section 1502 and SOX. Specifically, Section 1502 currently relies on public pressure, not financial penalties or jail time, to deter U.S. companies from socially irresponsible business operations, but companies’ compliance information is disseminated through the SEC. Thus, companies that fail to adhere to stipulations in Section 1502 threaten CEOs’ SOX compliance.

This interaction between Section 1502 and SOX regulations reveals executives are likely to consider the potential ramifications of failing to comply with Section 1502 more seriously than they otherwise would have. After Section 1502 passed an SEC vote on August 22nd of this year, companies have a one- to two-year grace period, depending on their size, to report that they cannot determine the compliance status of their supply chains. Once these grace periods end, companies must disclose to the SEC whether or not their supply chains contain conflict minerals. Thus, the extent to which CEOs recognize that aloof compliance reporting for Section 1502 can lead to a breach of SOX will become more apparent as companies near the end of their grace periods.

In my next post, I’ll discuss issues raised by respondents as pertinent to the implementation of SSCM strategies.